Skip to main content
Documentation

 

Druva Documentation

View audit trail for users

  1. Last updated
  2. Save as PDF
inSync Cloud Editions: File:/tick.pngElite Plus         File:/tick.png Elite     File:/tick.png Enterprise     File:/tick.pngBusiness
(Purchase Separately)  (Purchase Separately)

Overview

The following table lists the user activities that you can filter according to the activity types.

Note:

  • If users prevent administrator access to their data, the administrators cannot search and view information on the files or folders that users download or restore. For more information, see Configure the user data privacy policy.
  • If an administrator has updated the profile for a user, inSync displays the user activities performed only after the profile change .
    However, inSync records all the user activities, performed before and after profile change, and displays it under common list of Audit Trails that contains all the activities for all the inSync users.

View user activities

To view user activities:

  1. On the inSync Management Console menu bar, click Governance > Audit Trails.
  2. Click the User Audit Trail tab.
  3. Apply Filters to view audit trail specific to user, activity type, and time period.
    • In the User section, enter the email ids of the users you want to filter the audit trail for. You can enter multiple comma-separated valid email ids. The activity trail for invalid email ids will not be displayed.
    • In the Activity Type list, click the filter that you want to apply. The list of activities and related filters is listed in the table below. 
    • In the Time Period list, select the period for which you want to view the list of user activities.
  4. Click View. The activity results for the filters applied will be displayed. By default no activities will be displayed.
Activity Filter description
All

Displays all activities of all users.

Note: Files & Folders (additional) activities will not be displayed. 
Access & Backup

Select the required filters to view the details of the following activities related to Access & Backup.

  • Mobile Access - Activities where users accessed backup data by using their mobile.
  • Unauthorized Access - Activities where users tried to access inSync from outside of your corporate network.
  • Data Downloaded - Activities where users downloaded backup data.
  • Data Restored - Activities where users restored backed up data.
Collaborator

Select the required filters to view the details of the following activities related to Collaborator.

  • Added - Activities where users were added to the list of collaborators for a shared folder.
  • Removed - Activities where users were removed from the list of collaborators for a shared folder.
  • Permission changed - Activities where permissions for a collaborator on a folder were changed.
Files & Folders

Select the required filters to view the details of the activities related to Files & Folders.

  • Folder Shared - Activities where users shared folders by using inSync Share.
  • Folder Un-shared - Activities where users stopped sharing previously shared folders.
  • Folder Synced - Activities where users synced shared folders.
  • Folder Un-synced - Activities where users un-synced shared folders.
  • Downloaded - Activities where users downloaded folders by using inSync Share.
  • Restored - Activities where users restored folders by using inSync Share.
  • Purged - Activities where users purged folders by using inSync Share.
Files & Folders (Additional)

Select the required filters to download the details of the activities related to Files & Folders (Additional).

  • Added - Activities where users added files & folders.
  • Deleted - Activities where users deleted files & folders.
  • Files Edited - Activities where users edited files.

Note: These activities are not displayed on the activities page and can be downloaded only.
Links

Select the required filters to view the details of the activities related to Links.

  • Created/Shared - Activities where users created or shared a download link for a file.
  • Edited - Activities where users edited a download link for a file.
  • Viewed - Activities where users viewed a download link for a file.
  • Downloaded - Activities where users downloaded link for a file.
  • Deleted - Activities where a user deleted a download link.
  • Expired - Activities where a download link stopped being active.
Workspace

Select the required filters to view the details of the activities related to Workspace.

  • Synced - Activities where a user synced a workspace.
  • Un-synced - Activities where a user un-synced a workspace.

Download or view user audit trail

As an inSync administrator, you can download the user audit trail in HTML or CSV format. Cloud administrators can view and download audit trail of all users. However, profile administrators can view and download user activity of only those profiles that are assigned to the profile administrator. Additionally, users who have data protection officer role & view only role can view and download the user audit trail.

To download or view user audit trail:

  1. On the inSync Master Management Console menu bar, click Governance.
  2. Click the User Audit Trail tab. 
  3. In the Activity Type list, click the filter that you want to use.
  4. In the Time Period list, click the period for which you want to view the list of user activities.
  5. In the Download list, click the file format in which you want to download the data about user activity.
  6. Click View to view the audit trail activity results.

The downloaded file is saved at the default download location of your web browser.

User Audit Trail report details

HTML format sample report

CSV format sample report

Field    Description
Generated Date and timestamp when the report is generated.
Activities Activity type for which the report is generated.
Interval The time period selected to generate the report.
Time Zone The time zone for the country that is selected.
Audit Trail The audit trail for which the report is generated.
Username Username of the user who performed the activity.
Email ID Email id of user who performed the action.
Activity

The activity type the user selected to perform.
Item Details of the files/folder/User on which event is performed.
IP Address/ Device

User's public IP address is logged if the activity is performed from inSync web.

Device name is logged if the activity is performed from a Client device.
Time Timestamp when the activity is performed.
Details Details of the activity performed.

Time period filter

inSync displays the user activities list based on the duration that you select in the Time Period list. The options available in the Time Period list is dependent on how the audit retention period is configured. By default, the audit retention period for users is to 30 days and the options available in the Time Period list are Today, Last 7 days, and Last 30 days. By default, the time period is set to Last 7 days

To view user activities for more than 30 days, you must change the audit trail retention policy for the users.

Note: User audit trail for File & Folder (additional) activities will be retained for 3 months only.